mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 945855: Remove the security.first_network_revocation_method pref, r=briansmith
--HG-- extra : rebase_source : e416ba1e78f95234d403c078ad81b5fddcce947a extra : amend_source : 7adbe291df748b5a6d1f1122573e862bdc5f5f11
This commit is contained in:
parent
9358ea030d
commit
8cc419fcda
@ -25,15 +25,12 @@ CertVerifier::CertVerifier(missing_cert_download_config mcdc,
|
||||
ocsp_download_config odc,
|
||||
ocsp_strict_config osc,
|
||||
any_revo_fresh_config arfc,
|
||||
const char *firstNetworkRevocationMethod,
|
||||
ocsp_get_config ogc)
|
||||
: mMissingCertDownloadEnabled(mcdc == missing_cert_download_on)
|
||||
, mCRLDownloadEnabled(cdc == crl_download_allowed)
|
||||
, mOCSPDownloadEnabled(odc == ocsp_on)
|
||||
, mOCSPStrict(osc == ocsp_strict)
|
||||
, mRequireRevocationInfo(arfc == any_revo_strict)
|
||||
, mCRLFirst(firstNetworkRevocationMethod != nullptr &&
|
||||
!strcmp("crl", firstNetworkRevocationMethod))
|
||||
, mOCSPGETEnabled(ogc == ocsp_get_enabled)
|
||||
{
|
||||
MOZ_COUNT_CTOR(CertVerifier);
|
||||
@ -361,8 +358,7 @@ CertVerifier::VerifyCert(CERTCertificate * cert,
|
||||
;
|
||||
|
||||
rev.leafTests.preferred_methods[0] =
|
||||
rev.chainTests.preferred_methods[0] =
|
||||
mCRLFirst ? cert_revocation_method_crl : cert_revocation_method_ocsp;
|
||||
rev.chainTests.preferred_methods[0] = cert_revocation_method_ocsp;
|
||||
|
||||
rev.leafTests.cert_rev_method_independent_flags =
|
||||
rev.chainTests.cert_rev_method_independent_flags =
|
||||
|
@ -47,7 +47,6 @@ private:
|
||||
CertVerifier(missing_cert_download_config ac, crl_download_config cdc,
|
||||
ocsp_download_config odc, ocsp_strict_config osc,
|
||||
any_revo_fresh_config arfc,
|
||||
const char *firstNetworkRevocationMethod,
|
||||
ocsp_get_config ogc);
|
||||
~CertVerifier();
|
||||
|
||||
@ -56,7 +55,6 @@ private:
|
||||
const bool mOCSPDownloadEnabled;
|
||||
const bool mOCSPStrict;
|
||||
const bool mRequireRevocationInfo;
|
||||
const bool mCRLFirst;
|
||||
const bool mOCSPGETEnabled;
|
||||
friend class ::nsNSSComponent;
|
||||
};
|
||||
|
@ -1010,12 +1010,6 @@ void nsNSSComponent::setValidationOptions()
|
||||
bool aiaDownloadEnabled = Preferences::GetBool("security.missing_cert_download.enabled",
|
||||
false);
|
||||
|
||||
nsCString firstNetworkRevo =
|
||||
Preferences::GetCString("security.first_network_revocation_method");
|
||||
if (firstNetworkRevo.IsEmpty()) {
|
||||
firstNetworkRevo = "ocsp";
|
||||
}
|
||||
|
||||
bool ocspStaplingEnabled = Preferences::GetBool("security.ssl.enable_ocsp_stapling",
|
||||
true);
|
||||
if (!ocspEnabled) {
|
||||
@ -1051,7 +1045,6 @@ void nsNSSComponent::setValidationOptions()
|
||||
CertVerifier::ocsp_strict : CertVerifier::ocsp_relaxed,
|
||||
anyFreshRequired ?
|
||||
CertVerifier::any_revo_strict : CertVerifier::any_revo_relaxed,
|
||||
firstNetworkRevo.get(),
|
||||
ocspGetEnabled ?
|
||||
CertVerifier::ocsp_get_enabled : CertVerifier::ocsp_get_disabled);
|
||||
|
||||
@ -1674,7 +1667,6 @@ nsNSSComponent::Observe(nsISupports *aSubject, const char *aTopic,
|
||||
|| prefName.Equals("security.CRL_download.enabled")
|
||||
|| prefName.Equals("security.fresh_revocation_info.require")
|
||||
|| prefName.Equals("security.missing_cert_download.enabled")
|
||||
|| prefName.Equals("security.first_network_revocation_method")
|
||||
|| prefName.Equals("security.OCSP.require")
|
||||
|| prefName.Equals("security.OCSP.GET.enabled")
|
||||
|| prefName.Equals("security.ssl.enable_ocsp_stapling")) {
|
||||
|
Loading…
Reference in New Issue
Block a user